Yes, that is all understood. As I alluded to elsewhere in that message, we're just looking to raise the bar - not close every possible exploit hole.
-----Original Message----- From: Joseph S D Yao [mailto:[email protected]] For that kind of security, authenticating by IP address is a Bad Thing. IP addresses can be faked. A username/password over HTTPS can be more secure than authenticating via IP address. For that matter, can they authenticate to a certificate on your Web browser? _______________________________________________ Discuss mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
